CN106452752A - Method and system of modifying cipher, client, server and smart device - Google Patents

Method and system of modifying cipher, client, server and smart device Download PDF

Info

Publication number
CN106452752A
CN106452752A CN201610931829.2A CN201610931829A CN106452752A CN 106452752 A CN106452752 A CN 106452752A CN 201610931829 A CN201610931829 A CN 201610931829A CN 106452752 A CN106452752 A CN 106452752A
Authority
CN
China
Prior art keywords
data
random number
password
new
key data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610931829.2A
Other languages
Chinese (zh)
Other versions
CN106452752B (en
Inventor
陈柳章
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Minghua Alliance Technology Co Ltd
Original Assignee
Beijing Minghua Alliance Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Minghua Alliance Technology Co Ltd filed Critical Beijing Minghua Alliance Technology Co Ltd
Priority to CN201610931829.2A priority Critical patent/CN106452752B/en
Publication of CN106452752A publication Critical patent/CN106452752A/en
Application granted granted Critical
Publication of CN106452752B publication Critical patent/CN106452752B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

Abstract

The invention is suitable for the technical field of communication, and provides a method and system of modifying a cipher, a client, a server and a smart device. The method of modifying a cipher includes the following steps: a client acquires a new cipher or key data; after receiving a command, of acquiring a randomized number, sent from a server, a smart device generates a randomized number and then caches the randomized number and sends the randomized number to the client through the server; according to the old cipher or key data, the randomized number and the new cipher or key data, the client obtains the new cipher or key data cryptograph; and after the smart device receives the command message of a first modification cipher generated from the server, the smart device decrypts the command message of the first modification cipher according to the old cipher or key data and the randomized number to obtain the new cipher or key data which is obtained through decryption, and then uses the new cipher data obtained through decryption to replace the old cipher data or uses the new key data obtained through decryption to replace the old key data. The method and system of modifying a cipher, the client, the server and the smart device can avoid leakage of key data.

Description

The method of Modify password, system and client, server and smart machine
Technical field
The invention belongs to communication technical field, more particularly, to a kind of method of Modify password, system and client, server And smart machine.
Background technology
User cipher is used to the identity of operator is confirmed, is generally possible to provide correct user cipher to be quilt It is considered validated user, it is possible to obtain operating right corresponding with user cipher.In use, user can be according to oneself Needs the Old Password pre-setting is revised as new password.
However, in realizing process of the present invention, inventor finds that the method for the Modify password that prior art provides at least is deposited In following problem:
During user's registration, by the Old Password of user setup, in plain text or Old Password ciphertext is saved in server.Client will The corresponding new password of new password of user input is in plain text or new password ciphertext is after line transmission is to server, and server is used Described new password is in plain text or described new password ciphertext replaces Old Password plaintext or Old Password ciphertext.
The mode of this kind of Modify password, Old Password is in plain text or Old Password ciphertext is saved in server database, and services Leak in the data base administration of device or storage dangerous, database data may be led to reveal, occur Old Password bright Literary composition or Old Password the leakage of password event, and, in Modify password, transmit on the line is new password plaintext or Xinmi City The corresponding new key data of code, therefore new password is easily stolen.In a word, the method for the Modify password that prior art provides may Password is led to reveal the generation of event.
Content of the invention
In view of this, the embodiment of the present invention provides a kind of method of Modify password, system and client, server and intelligence Equipment, may lead to password to reveal event with the method solving the problems, such as the Modify password of prior art offer.
In a first aspect, provide a kind of method of Modify password, Old Password data or old key data to be stored in intelligence setting In standby, methods described includes:
Client sends and obtains RANDOM NUMBER request to server;
Server generates, according to the described RANDOM NUMBER request that obtains, the order obtaining random number, and is forwarded described by client The order obtaining random number is to smart machine;
Smart machine generates random number according to the described order obtaining random number, caches described random number, generates and comprise institute State the random number response data of random number, and described random number response data is forwarded to server by client;
Server parses described random number from described random number response data, and sends described random number to client End;
Client obtains new password data or new key data and Old Password data or new key data, and according to described old Code data or old key data, described random number and described new password data or new key data, obtain new password data close Literary composition or new key data ciphertext, and the first new password data of described new password data ciphertext or new key data ciphertext will be included Ciphertext or the first new key data ciphertext send to server;
Server generates the first Modify password according to described first new password data ciphertext or the first new key data ciphertext Command message, and the command message of described first Modify password is forwarded to smart machine by client;
Smart machine enters to the command message of described first Modify password according to described Old Password data or old key data Row deciphering, obtains deciphering the new password data obtaining or new key data, and the new password data being obtained with described deciphering replaces institute State Old Password data or the new key data described old key data of replacement being obtained with described deciphering.
Further, new password data or new key data and Old Password data or old cipher key number are obtained in described client According to afterwards, also include:
Described new password data conversion is become new key data by client, and described Old Password data conversion is become old cipher key number According to.
Further, described client is according to described Old Password data or old key data, described random number and described new Code data or new key data, obtain new password data ciphertext or new key data ciphertext includes:
Client is disperseed with random number with Old Password data or old key data, obtains the first temporary key data;
Client new password data or new key data described in described first temporary key data encryption, obtain described new Code data ciphertext or new key data ciphertext.
Further, in described client according to described Old Password data or old key data, described random number and described New password data or new key data, after obtaining new password data ciphertext or new key data ciphertext, also include:
Client obtains random number ciphertext with random number described in described first temporary key data encryption;And/or
Client is carried out to described new password data ciphertext or new key data ciphertext with described first temporary key data Message authentication is calculated a Mac result;
Described first new password data ciphertext or the first new key data ciphertext also include random number ciphertext, and/or, first Mac result;
Described described first new password data ciphertext or the first new key data ciphertext are sent to server after, also Including:
Server is according to described new password data ciphertext or new key data ciphertext, described random number ciphertext and/or described First Mac result generates the command message of the second Modify password, and the command message of described second Modify password is passed through client End is forwarded to smart machine.
Further, in described smart machine according to described Old Password data or old key data and described random number to institute The command message stating the first Modify password is decrypted, after obtaining deciphering the new password data obtaining or new key data, also Including:
Smart machine described Old Password data or old key data and the described random number dispersion of caching, obtain second and face When key data;
Smart machine described second temporary key data the command message of described second Modify password is included with Machine number ciphertext is decrypted, and obtains the random number that described deciphering obtains;And/or
It is new that the described second temporary key data of smart machine includes to the command message of described second Modify password Code data ciphertext or new key data ciphertext carry out message discriminating, obtain described 2nd Mac result.
Further, described smart machine according to described Old Password data or old key data and described random number to described The command message of the first Modify password is decrypted, and obtains deciphering the new password data obtaining or new key data includes:
Smart machine is included with the command message of the first Modify password described in described second temporary key data deciphering New ciphertext password or new key data ciphertext, obtain new password data or new key data that described deciphering obtains.
Further, in described smart machine according to described Old Password data or old key data and described random number to institute The command message stating the first Modify password is decrypted, after obtaining deciphering the new password data obtaining or new key data, also Including:
The described random number of the random number that described deciphering is obtained by smart machine and caching is compared and/or by described the Two Mac results are compared with a described Mac result, if unanimously, the new password data being obtained with described deciphering is replaced Described new password data or the new key data being obtained with described deciphering replace described old key data.
Further, described Old Password data or old key data are stored in the safety chip of smart machine.
On the other hand, a kind of client, Old Password data or old key data is provided to be stored in smart machine, described Client includes:
RANDOM NUMBER request sending module, obtains RANDOM NUMBER request to server for sending;
Obtain random number order sending module, the order of the acquisition random number generating for forwarding server sets to intelligence Standby, the described order obtaining random number is to be generated according to the RANDOM NUMBER request that obtains that client sends;
Random number response data forwarding module, for forwarding random number response data to server, wherein, smart machine root Generate random number according to the described order obtaining random number, after caching described random number, generate the random number comprising described random number Response data;
Random number receiver module, for the reception server parse from described random number response data described random Number;
New password or key data ciphertext sending module, for according to described Old Password data or old key data, described Random number and described new password data or new key data, obtain new password data or new key data ciphertext, and by described bag Include the first new password data ciphertext or the first new key data ciphertext of described new password data ciphertext or new key data ciphertext Send to server;
First Modify password packet forwarding module, for the command message of the first Modify password is forwarded to smart machine, With close to described first Modify password according to described Old Password data or old key data and described random number by smart machine Make message be decrypted, obtain deciphering the new password data obtaining or new key data, Xinmi City's yardage being obtained with described deciphering The new key data obtained according to the described Old Password data of replacement or with described deciphering replaces described old key data, wherein, clothes Business device generates the command message of the first Modify password according to described new password data ciphertext or new key data ciphertext.
Further, described client also includes:
Modular converter, for described new password data conversion is become new key data, described Old Password data conversion is become Old key data.
Further, new password or key data ciphertext sending module include:
Dispersal unit, for being disperseed with random number with Old Password data or old key data, obtains the first temporary key number According to;
Ciphering unit, for new password data or new key data described in described first temporary key data encryption, obtaining To new password data ciphertext or new key data ciphertext.
Further, described client also includes:
Random number ciphertext generation module, for obtaining random number with random number described in described first temporary key data encryption Ciphertext;And/or
First Mac result-generation module, for described first temporary key data to described new password data ciphertext or New key data ciphertext carries out message authentication and is calculated a Mac result;
Described first new password data ciphertext or the first new key data ciphertext also include random number ciphertext, and/or, first Mac result;
Described client also includes:
Second Modify password packet forwarding module, sets for the command message of described second Modify password is forwarded to intelligence Standby, by server according to described new password data ciphertext or new key data ciphertext, described random number ciphertext and/or described first Mac result generates the command message of the second Modify password.
Another further aspect, provides a kind of server, Old Password data or old key data to be stored in smart machine, described Server includes:
Request receiving module, for receiving the acquisition RANDOM NUMBER request of client transmission;
Obtain random number order sending module, for the life obtaining random number is generated according to the described RANDOM NUMBER request that obtains Order, and the described order obtaining random number is forwarded to smart machine by client;
Random number response data receiver module, for receiving the random number response data of client forwarding, wherein, intelligently sets Standby random number is generated according to the described order obtaining random number, after caching described random number, generate comprise described random number with Machine number response data;
Random number sending module, for parsing described random number from described random number response data, and sends described Random number is to client;
New password or key data ciphertext receiver module, for receiving new data password or the new key number of client transmission According to ciphertext, wherein, client according to described Old Password data or old key data, described random number and described new password data or New key data, obtains new key data ciphertext;
First Modify password message sending module, for according to described new password data ciphertext or the life of new key data ciphertext Become the command message of the first Modify password, and the command message of described first Modify password be forwarded to intelligence by client to set Standby, with by smart machine according to described Old Password data or old key data and described random number to described first Modify password Secret order message is decrypted, and obtains deciphering the new password data obtaining or new key data, the new password being obtained with described deciphering Data replaces described Old Password data or the new key data described old key data of replacement being obtained with described deciphering.
Further, described first new password data ciphertext or the first new key data ciphertext also include random number ciphertext, And/or, a Mac result, described server also includes:
Second Modify password message sending module, for according to described new password data ciphertext or new key data ciphertext, Described random number ciphertext and/or the command message of described Mac result generation second Modify password, and described second is changed The command message of password is forwarded to smart machine by client;
Wherein, client is according to described Old Password data or old key data, described random number and described new password data Or new key data, obtain random number ciphertext and/or a Mac result.
Another aspect, provides a kind of smart machine, Old Password data or old key data to be stored in described smart machine, Described smart machine includes:
Obtain random number Order receiver module, for receiving the order of the acquisition random number forwarding by client, wherein, The described order obtaining random number is that server generates according to the RANDOM NUMBER request that obtains that client sends;
Random number response data sending module, for generating random number according to the described order obtaining random number, caches institute State random number, generate the random number response data comprising described random number, and described random number number of responses is forwarded by client According to server;
First Modify password message receiver module, the first Modify password life being forwarded by client for the reception server The message of order, wherein, server parses described random number from described random number response data, and sends described random number extremely After client, client is according to described Old Password data or old key data, described random number and described new password data or new Key data, obtains new password data ciphertext or new key data ciphertext, and by described inclusion described new password data ciphertext or First new password data ciphertext of new key data ciphertext or the first new key data ciphertext send to server, server according to Described new password data ciphertext or the command message of new key data ciphertext described first Modify password of generation;
Password modified module, for the life to described first Modify password according to described Old Password data or old key data Make message be decrypted, obtain deciphering the new password data obtaining or new key data, Xinmi City's yardage being obtained with described deciphering The new key data obtained according to the described Old Password data of replacement or with described deciphering replaces described old key data.
Further, described first new password data ciphertext or the first new key data ciphertext also include random number ciphertext, And/or, a Mac result, described smart machine also includes:
Second Modify password message receiver module, the second Modify password life being forwarded by client for the reception server The message of order, wherein, server parses described random number from described random number response data, and sends described random number extremely After client, client is according to described Old Password data or old key data, described random number and described new password data or new Key data, obtains new password data ciphertext or new key data ciphertext, random number ciphertext and/or a Mac result, and by institute State new password data ciphertext or new key data ciphertext, random number ciphertext and/or a Mac result send to server, service Device generates the command message of described second Modify password according to described new password data ciphertext or new key data ciphertext;
Dispersed modules, for described Old Password data or old key data and the described random number dispersion of caching, obtaining Second temporary key data;
Random nnrber decryption module, for wrapping in the command message to the second Modify password for the described second temporary key data The random number ciphertext including is decrypted, and obtains the random number that described deciphering obtains;And/or
Message identification module, for in the command message to described second Modify password for the described second temporary key data Including new password data or new key data ciphertext carry out message discriminating, obtain described 2nd Mac result.
Further, described Password modified module includes:
New key data decryption unit, for the life with the first Modify password described in described second temporary key data deciphering Make the new password data ciphertext that message includes or new key data ciphertext, obtain the new password data or new that described deciphering obtains Key data.
Further, described Password modified module also includes:
Comparing unit, the random number for obtaining described deciphering is compared with the described random number caching and/or will Described 2nd Mac result and a described Mac result are compared, if unanimously, Xinmi City's yardage of being obtained with described deciphering The new key data obtained according to the described Old Password data of replacement or with described deciphering replaces described old key data.
Further, described Old Password data or old key data are stored in the safety chip of smart machine.
Another further aspect, provides a kind of system of Modify password, and described system includes client as above, as mentioned above Server and smart machine as above.
The beneficial effect that the embodiment of the present invention compared with prior art exists is:The embodiment of the present invention is passed through Old Password number According to or old key data be stored in smart machine, without storage in the server, and on the line without carrying out Old Password number According to or old key data transmission, Old Password data or the leakage of old key data can be avoided.In addition, in Modify password, Using random number, new password data or new key data are encrypted, transmit on the line is to comprise new password data or new The random number of code data corresponding new key data, therefore new password data or new key data are to be transmitted with the mode of ciphertext It is not easy to be stolen so that the transmission of password or key data is safer, overcome prior art offer modification The method of password may lead to password to reveal the problem of event.
Brief description
For the technical scheme being illustrated more clearly that in the embodiment of the present invention, below will be to embodiment or description of the prior art In required use accompanying drawing be briefly described it should be apparent that, drawings in the following description be only the present invention some Embodiment, for those of ordinary skill in the art, without having to pay creative labor, can also be according to these Accompanying drawing obtains other accompanying drawings.
Fig. 1 is the flowchart of the method for Modify password that first embodiment of the invention provides;
Fig. 2 is the structured flowchart of the client that second embodiment of the invention provides;
Fig. 3 is the structured flowchart of the server that third embodiment of the invention provides;
Fig. 4 is the structured flowchart of the smart machine that fourth embodiment of the invention provides;
Fig. 5 is the structured flowchart of the system of Modify password that fifth embodiment of the invention provides.
Specific embodiment
In order that the objects, technical solutions and advantages of the present invention become more apparent, below in conjunction with drawings and Examples, right The present invention is further elaborated.It should be appreciated that specific embodiment described herein is only in order to explain the present invention, and It is not used in the restriction present invention.
It should be noted that the executive agent of the embodiment of the present invention includes server, client and smart machine.Wherein, C/S (Client/Server) structure, i.e. client-server structure, client can be met between client and server Can also meet B/S (Browser/Server) structure between server, i.e. browser and server structure, in addition, client End can be mobile phone or computer etc., and here is all not construed as limiting.
Below in conjunction with specific embodiment, the realization of the present invention is described in detail:
Embodiment one
Fig. 1 show the embodiment of the present invention one provide the method for Modify password realize flow process, details are as follows:
In step S101, client sends and obtains RANDOM NUMBER request to server.
In embodiments of the present invention, client can generate an acquisition RANDOM NUMBER request, and actively sends described acquisition RANDOM NUMBER request is to server.
In step s 102, server generates, according to the described RANDOM NUMBER request that obtains, the order obtaining random number, and passes through Client forwards the described order obtaining random number to smart machine.
In embodiments of the present invention, the acquisition RANDOM NUMBER request life that server can send according to client in step S101 Become to obtain the order of random number, and the described order obtaining random number is forwarded to smart machine by client.
In step s 103, smart machine generates random number according to the described order obtaining random number, and caching is described random Number, generates the random number response data comprising described random number, and forwards described random number response data to clothes by client Business device.
In embodiments of the present invention, the life of the acquisition random number that smart machine can forward according to client in step S102 Order generates random number, caches described random number, generates the random number response data comprising described random number, and is turned by client Send out random number response data described to server.
In step S104, server parses described random number from described random number response data, and sends described Random number is to client.
In embodiments of the present invention, server can first from step S103 client forward random number response data in Parse the random number that in step S103, smart machine generates, retransmit described random number to client.
In step S105, client obtains new password data or new key data and Old Password data or old cipher key number According to, and according to described Old Password data or old key data, described random number and described new password data or new key data, obtain To new password data ciphertext or new key data ciphertext, and described new password data ciphertext or new key data ciphertext will be included First new password data ciphertext or the first new key data ciphertext send to server.
In embodiments of the present invention, user inputs new password data by client, and client receives user input After new password data, described new password data conversion can be become new key data corresponding with described new password data, specifically The described method changed can be cryptographic calculation or Hash computing etc., is become described new password data conversion using which kind of mode New key data corresponding with described new password data, is not limited in the embodiment of the present invention.
New password data conversion is become after new key data corresponding with described new password data, client obtains Old Password Data or old key data, described Old Password data or old key data are that user inputs in client, are stored in intelligence and set In standby.
After getting Old Password data or old key data, client according to described Old Password data or old key data, Described random number and described new password data or new key data, obtain new password data ciphertext or new key data ciphertext, and The first new password data ciphertext or the first new key data of described new password data ciphertext or new key data ciphertext will be included Ciphertext sends to server.Specifically, client is according to described Old Password data, described random number and described new password data, Obtain new password data ciphertext;Or, client according to described old key data, described random number and described new key data, The mode obtaining new key data ciphertext can have multiple choices.As key, encrypt described Old Password data as with random number With described new password data, obtain new password data ciphertext;Or, with random number and described Old Password data as key, plus Close described new password data, obtains new password data ciphertext;Or, with random number as key, encrypt described old key data With described new key data, obtain new key data ciphertext;Or, with random number and described old key data as key, plus Close described new key data, obtains new key data ciphertext.The present embodiment is to obtaining new password data ciphertext or new key number Mode according to ciphertext is not limited.
Preferably, after getting Old Password data or old key data, client first uses Old Password data or old cipher key number Disperse according to random number, obtain the first temporary key data;Again with Xinmi City's yardage described in described first temporary key data encryption According to or new key data, obtain described new password data ciphertext or new key data ciphertext;Then with described first temporary key Random number described in data encryption obtains described random number ciphertext and/or with described first temporary key data to described Xinmi City yardage Carry out message according to ciphertext or new key data ciphertext to differentiate to be calculated a described Mac result;Finally by described Xinmi City yardage Send to server according to ciphertext or new key data ciphertext, described random number ciphertext and/or a described Mac result.
In step s 106, server generates the first modification according to described new password data ciphertext or new key data ciphertext The command message of password, and the command message of described first Modify password is forwarded to smart machine by client.
In embodiments of the present invention, server first generates the according to described new password data ciphertext or new key data ciphertext Then the command message of described first Modify password is sent to intelligence by client and sets by the command message of one Modify password Standby.
Preferably, server can first wrap according in described first new password data ciphertext or the first new key data ciphertext The new password data ciphertext including or new key data ciphertext, described random number ciphertext and/or a described Mac result generate second Then the command message of described second Modify password is sent to smart machine by client by the command message of Modify password.
In step s 107, smart machine according to described Old Password data or old key data and described random number to described The command message of the first Modify password is decrypted, and obtains deciphering the new password data obtaining or new key data, uses described solution The close new password data described Old Password data of replacement obtaining or the new key data replacement being obtained with described deciphering are described old Key data.
In embodiments of the present invention, smart machine first obtains Old Password data or old key data from local, then with described The new password data ciphertext or new that Old Password data or old key data include to the command message of described first Modify password Key data ciphertext is decrypted, and obtains new password data or new key data that described deciphering obtains, and is deciphered with described To new password data replace described Old Password data or the new key data that obtained with described deciphering replaces described old key Data, to realize the modification of password.
Preferably, smart machine first obtains Old Password data or old key data from local, then with described Old Password data Or the random number ciphertext that old key data includes to the command message of described second Modify password is decrypted, obtain described solution The close random number obtaining and/or smart machine are first divided with the described random number of caching with described Old Password data or old key data Dissipate, obtain the second temporary key data, then the command message to described second Modify password with described second temporary key data The new password data ciphertext including or new key data ciphertext carry out message discriminating, obtain described 2nd Mac result.
Consistent with the described random number of caching or tie in a Mac result and the 2nd Mac in the random number that obtains of deciphering When fruit is consistent, the new password data that just can be obtained with described deciphering is replaced described Old Password data or is obtained with described deciphering New key data replace old key data, realize the modification of password.
Wherein, the random number that obtains of deciphering is consistent with the described random number of caching or in a Mac result and the 2nd Mac When result is consistent, illustrate that new password data or new key data are not modified, and Old Password data or old key data be correctly, Then Old Password data can be replaced or with deciphering the new key data old key data of replacement obtaining with new password data;Otherwise New password data is described or new key data be modified or Old Password data or old key data incorrect.
It should be noted that Mac result obtains according to new password data ciphertext or new key data cryptogram computation, such as The value of fruit new password data ciphertext or new key data ciphertext is modified or incorrect, and the Mac result obtaining is just not yet The same, therefore there is anti-tamper function.
Preferably, Old Password data or old key data are stored in the safety chip of smart machine, and this safety chip is Through the safety chip of the close certification of state and the certification of associated safety department, Old Password data or old key data are stored in described safety In the safe space of chip, the data that user reads this safe space can be limited, user can only be obtained by way of certification, And described Old Password data or old key data can not be obtained by other any modes.
Preferably, number of retries can be set, when the random number that obtains of deciphering is consistent with the described random number caching or When a Mac result and the 2nd Mac result are inconsistent, smart machine can successively decrease the number of retries of password, and sends password Modification failure response message is to server;Otherwise, recover number of retries, and carry out next step operation.
By the embodiment of the present invention, Old Password data or old key data can be stored in smart machine, without depositing Storage in the server, and on the line without the transmission carrying out Old Password data or old key data, can avoid Old Password number According to or old key data leakage.In addition, in Modify password, being carried out to new password data or new key data using random number Encryption, transmit on the line is the random number comprising new password data or new password data corresponding new key data, therefore New password data or new key data be with the mode of ciphertext transmit it is not easy to be stolen so that password or cipher key number According to transmission safer, the method overcoming the Modify password of prior art offer may lead to password to reveal the asking of event Topic.
In addition, Old Password data or old key data are stored in the safety chip of smart machine so that user can not be led to Any mode of other outside the mode of Modify password of crossing gets old key data, further increases Old Password data or old The safety of key data storage.
It should be understood that in embodiments of the present invention, the size of the sequence number of above-mentioned each process is not meant to the elder generation of execution sequence Afterwards, the execution sequence of each process should be determined with its function and internal logic, and should not be to the implementation process structure of the embodiment of the present invention Become any restriction.
One of ordinary skill in the art will appreciate that realizing all or part of step in the various embodiments described above method is can Completed with the hardware instructing correlation by program, corresponding program can be stored in a computer read/write memory medium In, described storage medium, such as ROM/RAM, disk or CD etc..
Embodiment two
Fig. 2 shows the concrete structure block diagram of the client that the embodiment of the present invention two provides, and for convenience of description, only illustrates The part related to the embodiment of the present invention.This client 2 constitutes the system of Modify password together with smart machine, server, Wherein, Old Password data or old key data are stored in smart machine, and this client 2 includes:RANDOM NUMBER request sending module 21st, random number order sending module 22, random number response data forwarding module 23, random number receiver module 24, new password are obtained Or key data ciphertext sending module 25 and the first Modify password packet forwarding module 26.
Wherein, RANDOM NUMBER request sending module 21, obtains RANDOM NUMBER request to server for sending;
Obtain random number order sending module 22, the order of the acquisition random number generating for forwarding server sets to intelligence Standby, the described order obtaining random number is to be generated according to the RANDOM NUMBER request that obtains that client sends;
Random number response data forwarding module 23, for forwarding random number response data to server, wherein, smart machine Random number is generated according to the described order obtaining random number, after caching described random number, generates and comprise the random of described random number Number response data;
Random number receiver module 24, for the reception server parse from described random number response data described random Number;
New password or key data ciphertext sending module 25, for obtaining new password data or new key data and Old Password Data or old key data, and according to described Old Password data or old key data, described random number and described new password data Or new key data, obtain new password data ciphertext or new key data ciphertext, and will include described new password data ciphertext or First new password data ciphertext of new key data ciphertext or the first new key data ciphertext send to server;
First Modify password packet forwarding module 26, sets for the command message of the first Modify password is forwarded to intelligence Standby, with by smart machine according to the secret order message of described Modify password with described new password data replace described Old Password data or Person replaces described old key data with described new key data, and wherein, server is according to described new password data ciphertext or Xinmi City Key data ciphertext generates the command message of the first Modify password.
Described client also includes:
Modular converter, for described new password data conversion is become new key data, described Old Password data conversion is become Old key data.
Specifically, described new key data transmission blocks 25 include:
Dispersal unit, for being disperseed with random number with new password data or old key data, obtains the first temporary key number According to;
Ciphering unit, for new password data or new key data described in described first temporary key data encryption, obtaining To new password data ciphertext or new key data ciphertext.
Further, described client 2 also includes:
Random number ciphertext generation module, for obtaining random number with random number described in described first temporary key data encryption Ciphertext;And/or
First Mac result-generation module, for described first temporary key data to described new password data or Xinmi City Key data ciphertext carries out message authentication and is calculated a Mac result;
Described first new password data ciphertext or the first new key data ciphertext also include random number ciphertext, and/or, first Mac result;
Second Modify password packet forwarding module, sets for the command message of described second Modify password is forwarded to intelligence Standby, wherein, server is according to described new password data ciphertext or new key data ciphertext, described random number ciphertext and/or described First Mac result generates the command message of the second Modify password.
Client provided in an embodiment of the present invention can be applied in aforementioned corresponding embodiment of the method one, and details are referring to upper State the description of embodiment one, will not be described here.
Embodiment three
Fig. 3 shows the concrete structure block diagram of the server that the embodiment of the present invention three provides, and for convenience of description, only illustrates The part related to the embodiment of the present invention.This server 3 constitutes the system of Modify password together with client, smart machine, Wherein, Old Password data or old key data are stored in smart machine, and this server 3 includes:Request receiving module 31, obtain Take random number order sending module 32, random number response data receiver module 33, random number sending module 34, new password or key Data ciphertext receiver module 35 and the first Modify password message sending module 36.
Wherein, request receiving module 31, for receiving the acquisition RANDOM NUMBER request of client transmission;
Obtain random number order sending module 32, for the life obtaining random number is generated according to the described RANDOM NUMBER request that obtains Order, and the described order obtaining random number is forwarded to smart machine by client;
Random number response data receiver module 33, for receiving the random number response data of client forwarding, wherein, intelligence Equipment generates random number according to the described order obtaining random number, after caching described random number, generates and comprises described random number Random number response data;
Random number sending module 34, for parsing described random number from described random number response data, and sends institute State random number to client;
New password or key data ciphertext receiver module 35, for receiving the first new password data ciphertext of client transmission Or the first new key data ciphertext, wherein, client is according to described Old Password data or old key data, described random number and institute State new password data or new key data, obtain the described first Xinmi City's yardage including described new password data or new key data According to ciphertext or the first new key data ciphertext;
First Modify password message sending module 36, for according to described new password data ciphertext or new key data ciphertext Generate the command message of the first Modify password, and the command message of described first Modify password is forwarded to intelligence by client Equipment, with by smart machine according to described Old Password data or old key data and described random number to described first Modify password Secret order message be decrypted, obtain deciphering the new password data obtaining or new key data, the Xinmi City being obtained with described deciphering Code data replaces described Old Password data or the new key data described old key data of replacement being obtained with described deciphering.
Further, described first new password data ciphertext or the first new key data ciphertext also include random number ciphertext, And/or, a Mac result;
Described server 3 also includes:
Second Modify password message sending module, for according to described new password data ciphertext or new key data ciphertext, Described random number ciphertext and/or the command message of described Mac result generation second Modify password, and described second is changed The command message of password is forwarded to smart machine by client.
Server provided in an embodiment of the present invention can be applied in aforementioned corresponding embodiment of the method one, and details are referring to upper State the description of embodiment one, will not be described here.
Example IV
Fig. 4 shows the concrete structure block diagram of the smart machine that the embodiment of the present invention four provides, and for convenience of description, only shows Go out the part related to the embodiment of the present invention.What this smart machine 4 constituted Modify password together with client, server is System, wherein, old key data is stored in smart machine 4, and this smart machine 4 includes:Acquisition random number Order receiver module 41, Random number response data sending module 42, the first Modify password message receiver module 43 and Password modified module 44.
Wherein, obtain random number Order receiver module 41, for receiving the life of the acquisition random number forwarding by client Order, wherein, the described order obtaining random number is that server generates according to the RANDOM NUMBER request that obtains that client sends;
Random number response data sending module 42, for generating random number, caching according to the described order obtaining random number Described random number, generates the random number response data comprising described random number, and forwards described random number response by client Data is to server;
First Modify password message receiver module 43, the first Modify password being forwarded by client for the reception server The message of order, wherein, server parses described random number from described random number response data, and sends described random number To client, client according to described Old Password data or old key data, described random number and described new password data or New key data, obtains new password data ciphertext or new key data ciphertext, and includes described new password data ciphertext by described Or the first new password data ciphertext of new key data ciphertext or the first new key data ciphertext send to server, server root Generate the command message of described first Modify password according to described first new password data ciphertext or the first new key data ciphertext;
Password modified module 44, for according to described Old Password data or old key data and described random number to described The command message of one Modify password is decrypted, and obtains deciphering the new password data obtaining or new key data, uses described deciphering The new password data obtaining is replaced described Old Password data or is replaced described old cipher key number with deciphering the new key data obtaining According to.
Further, described smart machine 4 also includes:
Second Modify password message receiver module, the second Modify password life being forwarded by client for the reception server The message of order, wherein, server parses described random number from described random number response data, and sends described random number extremely After client, client is according to described Old Password data or old key data, described random number and new password data or new key Data, obtains new password data ciphertext or new key data ciphertext, random number ciphertext and/or a Mac result, and will be described new Code data ciphertext or new key data ciphertext, random number ciphertext and/or a Mac result send to server, server root Generate described second according to described new password data ciphertext or new key data ciphertext, random number ciphertext and/or a Mac result to repair Change the command message of password;
Dispersed modules, for described Old Password data or old key data and the described random number dispersion of caching, obtaining Second temporary key data;
Random nnrber decryption module, for wrapping in the command message to the second Modify password for the described second temporary key data The random number ciphertext including is decrypted, and obtains the random number that described deciphering obtains;And/or
Message identification module, for in the command message to described second Modify password for the described second temporary key data Including new password data ciphertext or new key data ciphertext carry out message discriminating, obtain described 2nd Mac result.
Further, described Password modified module includes:
New key data decryption unit, for the life with the first Modify password described in described second temporary key data deciphering Make the new password data ciphertext that message includes or new key data ciphertext, obtain the new password data or new that described deciphering obtains Key data.
Further, described Password modified module also includes:
Comparing unit, the random number for obtaining described deciphering is compared with the described random number caching and/or will Described 2nd Mac result and a described Mac result are compared, if unanimously, Xinmi City's yardage of being obtained with described deciphering The new key data obtained according to the described Old Password data of replacement or with described deciphering replaces described old key data.
Further, described Old Password data or old key data are stored in the safety chip of smart machine.
Smart machine provided in an embodiment of the present invention can be applied in aforementioned corresponding embodiment of the method one, details referring to The description of above-described embodiment one, will not be described here.
Embodiment five
Fig. 5 shows the concrete structure block diagram of the system of Modify password that the embodiment of the present invention five provides, for the ease of saying Bright, illustrate only the part related to the embodiment of the present invention.The system 5 of this Modify password includes the clothes as described in embodiment three Client described in business device, embodiment two and the smart machine described in example IV.Wherein, server and client connect Connect, both can be with direction communication;Smart machine and client connect, and smart machine is communicated with server by client. Described in the work visible embodiment one to four of interaction between specific service device, client and smart machine, will not be described here.
Those of ordinary skill in the art are it is to be appreciated that combine the list of each example of the embodiments described herein description Unit and algorithm steps, being capable of being implemented in combination in electronic hardware or computer software and electronic hardware.These functions are actually To be executed with hardware or software mode, the application-specific depending on technical scheme and design constraint.Professional and technical personnel Each specific application can be used different methods to realize described function, but this realization is it is not considered that exceed The scope of the present invention.
Those skilled in the art can be understood that, for convenience and simplicity of description, the system of foregoing description, Device and the specific work process of unit, may be referred to the corresponding process in preceding method embodiment, will not be described here.
It should be understood that disclosed system, apparatus and method in several embodiments provided herein, permissible Realize by another way.For example, device embodiment described above is only schematically, for example, described unit Divide, only a kind of division of logic function, actual can have other dividing mode when realizing, for example multiple units or assembly Can in conjunction with or be desirably integrated into another system, or some features can be ignored, or does not execute.Another, shown or The coupling each other discussing or direct-coupling or communication connection can be by some interfaces, the indirect coupling of device or unit Close or communicate to connect, can be electrical, mechanical or other forms.
The described unit illustrating as separating component can be or may not be physically separate, show as unit The part showing can be or may not be physical location, you can with positioned at a place, or can also be distributed to multiple On NE.The mesh to realize this embodiment scheme for some or all of unit therein can be selected according to the actual needs 's.
In addition, can be integrated in a processing unit in each functional unit in each embodiment of the present invention it is also possible to It is that unit is individually physically present it is also possible to two or more units are integrated in a unit.
If described function realized using in the form of SFU software functional unit and as independent production marketing or use when, permissible It is stored in a computer read/write memory medium.Based on such understanding, technical scheme is substantially in other words Partly being embodied in the form of software product of part that prior art is contributed or this technical scheme, this meter Calculation machine software product is stored in a storage medium, including some instructions with so that a computer equipment (can be individual People's computer, server, or network equipment etc.) execution each embodiment methods described of the present invention all or part of step. And aforesaid storage medium includes:USB flash disk, portable hard drive, read only memory (ROM, Read-Only Memory), random access memory are deposited Reservoir (RAM, Random Access Memory), magnetic disc or CD etc. are various can be with the medium of store program codes.
The above, the only specific embodiment of the present invention, but protection scope of the present invention is not limited thereto, and any Those familiar with the art the invention discloses technical scope in, change or replacement can be readily occurred in, all should contain Cover within protection scope of the present invention.Therefore, protection scope of the present invention should described be defined by scope of the claims.

Claims (20)

1. a kind of method of Modify password is it is characterised in that Old Password data or old key data are stored in smart machine, Methods described includes:
Client sends and obtains RANDOM NUMBER request to server;
Server generates, according to the described RANDOM NUMBER request that obtains, the order obtaining random number, and forwards described acquisition by client The order of random number is to smart machine;
Smart machine generates random number according to the described order obtaining random number, caches described random number, generate comprise described with The random number response data of machine number, and described random number response data is forwarded to server by client;
Server parses described random number from described random number response data, and sends described random number to client;
Client obtains new password data or new key data and Old Password data or old key data, and according to described Old Password Data or old key data, described random number and described new password data/new key data, obtain new password data ciphertext or new Key data ciphertext, and by include described new password data ciphertext or new key data ciphertext the first new password data ciphertext or First new key data ciphertext sends to server;
Server generates the life of the first Modify password according to described first new password data ciphertext or the first new key data ciphertext Make message, and the command message of described first Modify password is forwarded to smart machine by client;
Smart machine life to described first Modify password according to described Old Password data or old key data and described random number Make message be decrypted, obtain deciphering the new password data obtaining or new key data, Xinmi City's yardage being obtained with described deciphering The new key data obtained according to the described Old Password data of replacement or with described deciphering replaces described old key data.
2. the method for claim 1 is it is characterised in that obtain new password data or new key data in described client After Old Password data or old key data, also include:
Described new password data conversion is become new key data by client, and described Old Password data conversion is become old key data.
3. the method for claim 1 is it is characterised in that described client is according to described Old Password data or old cipher key number According to, described random number and described new password data or new key data, obtain new password data ciphertext or new key data ciphertext Including:
Client is disperseed with random number with Old Password data or old key data, obtains the first temporary key data;
Client new password data or new key data described in described first temporary key data encryption, obtain described new password Data or new key data ciphertext.
4. method as claimed in claim 3 is it is characterised in that in described client according to described Old Password data or old key Data, described random number and described new password data or new key data, obtain new password data or new key data ciphertext it Afterwards, also include:
Client obtains random number ciphertext with random number described in described first temporary key data encryption;And/or
Client carries out message with described first temporary key data to described new password data ciphertext or new key data ciphertext Authentication calculations obtain a Mac result;
Described first new password data ciphertext or the first new key data ciphertext also include random number ciphertext, and/or, a Mac Result;
The first new password data ciphertext or first of described new password data ciphertext or new key data ciphertext will be included described New key data ciphertext sends to after server, also includes:
Server is according to described new password data ciphertext or new key data ciphertext, described random number ciphertext and/or described first Mac result generates the command message of the second Modify password, and the command message of described second Modify password is turned by client It is sent to smart machine.
5. method as claimed in claim 4 is it is characterised in that in described smart machine according to described Old Password data or old close Key data and described random number are decrypted to the command message of described first Modify password, obtain deciphering Xinmi City's yardage obtaining According to or new key data after, also include:
Smart machine described Old Password data or old key data and the described random number dispersion of caching, obtain second temporarily close Key data;
The random number that smart machine is included to the command message of described second Modify password with described second temporary key data Ciphertext is decrypted, and obtains the random number that described deciphering obtains;And/or
The new password that smart machine is included to the command message of described second Modify password with described second temporary key data Data ciphertext or new key data ciphertext carry out message discriminating, obtain described 2nd Mac result.
6. method as claimed in claim 5 is it is characterised in that described smart machine is according to described Old Password data or old key Data and described random number are decrypted to the command message of described first Modify password, obtain deciphering the new password data obtaining Or new key data includes:
Xinmi City that smart machine is included with the command message of the first Modify password described in described second temporary key data deciphering Code data ciphertext or new key data ciphertext, obtain new password data or new key data that described deciphering obtains.
7. method as claimed in claim 5 is it is characterised in that in described smart machine according to described Old Password data or old close Key data and described random number are decrypted to the command message of described first Modify password, obtain deciphering Xinmi City's yardage obtaining According to or new key data after, also include:
The described random number of the random number that described deciphering is obtained by smart machine and caching is compared and/or by described second Mac result is compared with a described Mac result, if unanimously, the new password data being obtained with described deciphering replaces institute State Old Password data or the new key data described old key data of replacement being obtained with described deciphering.
8. the method for claim 1 is it is characterised in that described Old Password data or old key data are stored in intelligent setting In standby safety chip.
9. a kind of client is it is characterised in that Old Password data or old key data are stored in smart machine, described client End includes:
RANDOM NUMBER request sending module, obtains RANDOM NUMBER request to server for sending;
Obtain random number order sending module, the order of the acquisition random number generating for forwarding server is to smart machine, institute The order stating acquisition random number is to be generated according to the RANDOM NUMBER request that obtains that client sends;
Random number response data forwarding module, for forwarding random number response data to server, wherein, smart machine is according to institute State the order generation random number obtaining random number, after caching described random number, generate the random number response comprising described random number Data;
Random number receiver module, the described random number parsing from described random number response data for the reception server;
New password or key data ciphertext sending module, for obtaining new password data and Old Password data, and according to described old Code data or old key data, described random number and described new password data or new key data, obtain new password data close Literary composition or new key data ciphertext, and the first new password data of described new password data ciphertext or new key data ciphertext will be included Ciphertext or the first new key data ciphertext send to server;
First Modify password packet forwarding module, for the command message of the first Modify password is forwarded to smart machine, with by Smart machine secret order report to described first Modify password according to described Old Password data or old key data and described random number Literary composition is decrypted, and obtains deciphering the new password data obtaining or new key data, and the new password data being obtained with described deciphering Replace described Old Password data or the new key data described old key data of replacement being obtained with described deciphering, wherein, service Device generates the command message of the first Modify password according to described new password data ciphertext new key data ciphertext.
10. client as claimed in claim 9 is it is characterised in that described client also includes:
Modular converter, for described new password data conversion is become new key data, described Old Password data conversion is become old close Key data.
11. clients as claimed in claim 9 are it is characterised in that new key data ciphertext sending module includes:
Dispersal unit, for being disperseed with random number with Old Password data or old key data, obtains the first temporary key data;
Ciphering unit, for new password data or new key data described in described first temporary key data encryption, obtaining new Code data ciphertext or new key data ciphertext.
12. clients as claimed in claim 11 are it is characterised in that described client also includes:
Random number ciphertext generation module, close for obtaining random number with random number described in described first temporary key data encryption Literary composition;And/or
First Mac result-generation module, for described first temporary key data to described new password data ciphertext or Xinmi City Key data ciphertext carries out message authentication and is calculated a Mac result;
Described first new password data ciphertext or the first new key data ciphertext also include random number ciphertext, and/or, a Mac Result;
Described client also includes:
Second Modify password packet forwarding module, for the command message of described second Modify password is forwarded to smart machine, By server according to described new password data ciphertext or new key data ciphertext, described random number ciphertext and/or a described Mac Result generates the command message of described second Modify password.
A kind of 13. servers it is characterised in that Old Password data or old key data are stored in smart machine, described clothes Business device includes:
Request receiving module, for receiving the acquisition RANDOM NUMBER request of client transmission;
Obtain random number order sending module, for the order obtaining random number is generated according to the described RANDOM NUMBER request that obtains, and The described order obtaining random number is forwarded to smart machine by client;
Random number response data receiver module, for receiving the random number response data of client forwarding, wherein, smart machine root Generate random number according to the described order obtaining random number, after caching described random number, generate the random number comprising described random number Response data;
Random number sending module, for parsing described random number from described random number response data, and sends described random Number is to client;
New password or key data ciphertext receiver module, for receiving the first new password data ciphertext or first of client transmission New key data ciphertext, wherein, client is according to described Old Password data or old key data, described random number and described Xinmi City Code data or new key data, obtain new password data ciphertext or new key data ciphertext, and will include described new password data First new password data ciphertext of ciphertext or new key data ciphertext or the first new key data ciphertext send to server;
First Modify password message sending module, for generating the according to described new password data ciphertext or new key data ciphertext The command message of one Modify password, and the command message of described first Modify password is forwarded to smart machine by client, With close to described first Modify password according to described Old Password data or old key data and described random number by smart machine Make message be decrypted, obtain deciphering the new password data obtaining or new key data, and the new password being obtained with described deciphering Data replaces described Old Password data or the new key data described old key data of replacement being obtained with described deciphering.
14. servers as claimed in claim 13 are it is characterised in that described first new password data ciphertext or the first new key Data ciphertext also includes random number ciphertext, and/or, a Mac result, described server also includes:
Second Modify password message sending module, for according to described new password data ciphertext or new key data ciphertext, described Random number ciphertext and/or a described Mac result generate the command message of the second Modify password, and by described second Modify password Command message smart machine is forwarded to by client.
A kind of 15. smart machines it is characterised in that Old Password data or old key data are stored in described smart machine, Described smart machine includes:
Obtain random number Order receiver module, for receiving the order of the acquisition random number forwarding by client, wherein, described The order obtaining random number is that server generates according to the RANDOM NUMBER request that obtains that client sends;
Random number response data sending module, for random number is generated according to the described order obtaining random number, caching described with Machine number, generates the random number response data comprising described random number, and forwards described random number response data extremely by client Server;
First Modify password message receiver module, the first Modify password order being forwarded by client for the reception server Message, wherein, server parses described random number from described random number response data, and sends described random number to client Behind end, client is according to described Old Password data or old key data, described random number and described new password data or new key Data, obtains new password data ciphertext or new key data ciphertext, and will include described new password data ciphertext or new key number The first new password data ciphertext or the first new key data ciphertext according to ciphertext send to server, and server is according to described Xinmi City Code data ciphertext or the command message of new key data ciphertext described first Modify password of generation;
Password modified module, for the order report to described first Modify password according to described Old Password data or old key data Literary composition is decrypted, and obtains deciphering the new password data obtaining or new key data, the new password data being obtained with described deciphering is replaced Change described Old Password data or the new key data described old key data of replacement being obtained with described deciphering.
16. smart machines as claimed in claim 15 are it is characterised in that described first new password data ciphertext or first Xinmi City Key data ciphertext also includes random number ciphertext, and/or, a Mac result, described smart machine also includes:
Second Modify password message receiver module, the second Modify password order being forwarded by client for the reception server Message, wherein, server parses described random number from described random number response data, and sends described random number to client Behind end, client is according to described Old Password data or old key data, described random number and described new password data or new key Data, obtains new password data ciphertext or new key data ciphertext, random number ciphertext and/or a Mac result, and will include institute State new password data ciphertext or the first new password data of new key data ciphertext, random number ciphertext and/or a Mac result is close Literary composition or the first new key data ciphertext send to server, and server is according to described first new password data ciphertext or first Xinmi City Key data ciphertext generates the command message of described second Modify password;
Dispersed modules, for described Old Password data or old key data and the described random number dispersion of caching, obtaining second Temporary key data;
Random nnrber decryption module, for included to the command message of the second Modify password with described second temporary key data Random number ciphertext is decrypted, and obtains the random number that described deciphering obtains;And/or
Message identification module, for being included to the command message of described second Modify password with described second temporary key data New password data ciphertext or new key data ciphertext carry out message discriminating, obtain described 2nd Mac result.
17. smart machines as claimed in claim 16 are it is characterised in that described Password modified module includes:
New key data decryption unit, for the order report with the first Modify password described in described second temporary key data deciphering New password data ciphertext or new key data ciphertext that literary composition includes, obtain new password data or new key that described deciphering obtains Data.
18. smart machines as claimed in claim 16 are it is characterised in that described Password modified module also includes:
Comparing unit, the random number for obtaining described deciphering is compared with the described random number caching and/or will be described 2nd Mac result is compared with a described Mac result, if unanimously, the new password data being obtained with described deciphering is replaced Change described Old Password data or the new key data described old key data of replacement being obtained with described deciphering.
19. smart machines as claimed in claim 15 are it is characterised in that described Old Password data or old key data are stored in In the safety chip of smart machine.
A kind of 20. systems of Modify password are it is characterised in that described system includes the visitor described in any one of claim 9 to 12 Family end, the server as described in claim 13 to 14 and the smart machine as described in any one of claim 15 to 19.
CN201610931829.2A 2016-10-24 2016-10-24 Method, system and the client of Modify password, server and smart machine Active CN106452752B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610931829.2A CN106452752B (en) 2016-10-24 2016-10-24 Method, system and the client of Modify password, server and smart machine

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610931829.2A CN106452752B (en) 2016-10-24 2016-10-24 Method, system and the client of Modify password, server and smart machine

Publications (2)

Publication Number Publication Date
CN106452752A true CN106452752A (en) 2017-02-22
CN106452752B CN106452752B (en) 2019-05-24

Family

ID=58177442

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610931829.2A Active CN106452752B (en) 2016-10-24 2016-10-24 Method, system and the client of Modify password, server and smart machine

Country Status (1)

Country Link
CN (1) CN106452752B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109446793A (en) * 2018-09-21 2019-03-08 广州江南科友科技股份有限公司 A kind of account based on Windows agent changes decryption method and device
CN110445607A (en) * 2019-08-12 2019-11-12 北京百佑科技有限公司 Intelligent door lock key updating method, system and computer storage medium
CN110460436A (en) * 2019-07-12 2019-11-15 山东三未信安信息科技有限公司 Hardware device key management method, system, storage medium and computer equipment
US20220263661A1 (en) * 2021-02-15 2022-08-18 Sony Semiconductor Israel Ltd. Efficient Data Item Authentication

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1972290A (en) * 2005-11-07 2007-05-30 华为技术有限公司 Modification method for authentication password based on SIP, subscriber proxy server and subscriber proxy client
CN101453325A (en) * 2007-11-30 2009-06-10 环达电脑(上海)有限公司 Method for remotely modifying login keyword
CN104484596A (en) * 2015-01-07 2015-04-01 宇龙计算机通信科技(深圳)有限公司 Method and terminal for creating password in multi-operation system
CN104821941A (en) * 2015-04-21 2015-08-05 南京邮电大学 Smart card password authentication and password changing method
CN105656864A (en) * 2014-11-27 2016-06-08 航天恒星科技有限公司 TCM-based key management system and management method
CN105812357A (en) * 2016-03-07 2016-07-27 中标软件有限公司 User password management method for cloud computing platform

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1972290A (en) * 2005-11-07 2007-05-30 华为技术有限公司 Modification method for authentication password based on SIP, subscriber proxy server and subscriber proxy client
CN101453325A (en) * 2007-11-30 2009-06-10 环达电脑(上海)有限公司 Method for remotely modifying login keyword
CN105656864A (en) * 2014-11-27 2016-06-08 航天恒星科技有限公司 TCM-based key management system and management method
CN104484596A (en) * 2015-01-07 2015-04-01 宇龙计算机通信科技(深圳)有限公司 Method and terminal for creating password in multi-operation system
CN104821941A (en) * 2015-04-21 2015-08-05 南京邮电大学 Smart card password authentication and password changing method
CN105812357A (en) * 2016-03-07 2016-07-27 中标软件有限公司 User password management method for cloud computing platform

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109446793A (en) * 2018-09-21 2019-03-08 广州江南科友科技股份有限公司 A kind of account based on Windows agent changes decryption method and device
CN109446793B (en) * 2018-09-21 2021-07-20 广州江南科友科技股份有限公司 Account encryption method and device based on Windows agent
CN110460436A (en) * 2019-07-12 2019-11-15 山东三未信安信息科技有限公司 Hardware device key management method, system, storage medium and computer equipment
CN110445607A (en) * 2019-08-12 2019-11-12 北京百佑科技有限公司 Intelligent door lock key updating method, system and computer storage medium
US20220263661A1 (en) * 2021-02-15 2022-08-18 Sony Semiconductor Israel Ltd. Efficient Data Item Authentication
US11799662B2 (en) * 2021-02-15 2023-10-24 Sony Semiconductor Solutions Corporation Efficient data item authentication

Also Published As

Publication number Publication date
CN106452752B (en) 2019-05-24

Similar Documents

Publication Publication Date Title
US11615411B2 (en) POS system with white box encryption key sharing
CN106506479B (en) Method, system and the client of cipher authentication, server and smart machine
CN105162772A (en) IoT equipment authentication and key agreement method and device
US20120254622A1 (en) Secure Access to Electronic Devices
CN108270739B (en) Method and device for managing encryption information
CN106357679B (en) Method, system and the client of cipher authentication, server and smart machine
CN108809636B (en) Communication system for realizing message authentication between members based on group type quantum key card
CN103036681B (en) A kind of password safety keyboard device and system
CN109639697A (en) Cloud mobile phone safe throws method, mobile terminal and the server of screen
CN104917807A (en) Resource transfer method, apparatus and system
CN111131416A (en) Business service providing method and device, storage medium and electronic device
CN106452752B (en) Method, system and the client of Modify password, server and smart machine
CN102595213A (en) Security certificate method and system of credible TV terminal
CN105653986A (en) Micro SD card-based data protection method and device
CN107707562B (en) Method and device for encrypting and decrypting algorithm of asymmetric dynamic token
CN109543434A (en) Block chain information encryption method, decryption method, storage method and device
CN107070642B (en) Heterogeneous resource pool multiplexing technology for multi-brand cipher machine
CN104038340A (en) Device for generating an encrypted key and method for providing an encrypted key to a receiver
CN109379345B (en) Sensitive information transmission method and system
CN104901803A (en) Data interaction safety protection method based on CPK identity authentication technology
CN104239808A (en) Method and device for encryption transmission of data
JP2014530554A (en) Group secret management by group members
CN109039598A (en) Data transfer encryption method, client and server-side
CN106507349A (en) A kind of built-in terminal encryption system of software and hardware combining and encryption method
CN104767766A (en) Web Service interface verification method, Web Service server and client side

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant